Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kk95ZS-bd_Do_MboOwKmtjmGYyc.roa
File: kk95ZS-bd_Do_MboOwKmtjmGYyc.roa (raw, json)
Hash identifier: ohZOLBuojG6D+PZF0RiDRWGVqVVQLUDC8SvfXXO6GtA=
Subject key identifier: 92:4F:79:65:2F:9B:77:F0:E8:FC:C6:E8:3B:02:A6:B6:39:86:63:27
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0195F1CA6CEAFDF511E33F8E2181B0B67FF7
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kk95ZS-bd_Do_MboOwKmtjmGYyc.roa
Signing time: Tue 01 Apr 2025 14:38:49 +0000
ROA not before: Tue 01 Apr 2025 14:38:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42065
IP address blocks: 91.108.0.0/22 maxlen: 24
91.108.24.0/21 maxlen: 24
91.108.32.0/23 maxlen: 24
91.108.52.0/24 maxlen: 24
94.124.176.0/22 maxlen: 23
94.124.178.0/23 maxlen: 24
95.140.92.0/24 maxlen: 24
95.140.94.0/24 maxlen: 24
95.161.0.0/18 maxlen: 24
95.161.88.0/22 maxlen: 24
95.161.95.0/24 maxlen: 24
95.161.96.0/23 maxlen: 24
95.161.102.0/23 maxlen: 24
95.161.104.0/23 maxlen: 24
95.161.124.0/24 maxlen: 24
95.161.125.0/24 maxlen: 24
95.161.127.0/24 maxlen: 24
95.161.240.0/20 maxlen: 24
185.51.60.0/22 maxlen: 24
2a00:11d8::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 03 Apr 2025 07:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:ca:6c:ea:fd:f5:11:e3:3f:8e:21:81:b0:b6:7f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Apr 1 14:38:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=924f79652f9b77f0e8fcc6e83b02a6b639866327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a8:88:64:61:30:e4:c1:92:4d:b8:07:44:a2:
98:ff:ce:0e:6d:8c:c2:ab:ec:51:54:10:4f:cc:18:
f4:4b:51:f8:4e:0b:61:20:8a:38:5a:03:a0:62:8a:
b5:03:5e:0c:7b:30:2d:1e:70:5d:04:ca:8b:7f:63:
31:b3:3b:fa:66:d2:e5:de:a2:cd:c2:ff:5b:81:94:
18:91:44:b0:3b:d9:e8:b8:ec:af:21:e1:87:a6:1b:
c7:c6:67:1c:42:b4:b8:99:a6:f0:25:a6:fd:05:d9:
e3:83:d7:b8:f0:f9:e6:f0:e8:cb:7e:4c:85:f2:95:
4c:8c:bc:5e:d6:f7:a8:43:79:67:e3:81:95:14:6c:
9d:2f:e4:47:a2:ea:12:23:89:b3:1f:3a:67:18:76:
bf:98:23:ce:34:92:70:11:50:b8:c4:da:9e:71:81:
1c:3d:90:10:a0:7a:21:53:6a:bb:b0:7d:7f:98:0e:
30:b0:41:c7:9e:d1:3d:17:40:6f:7d:12:10:3d:68:
a4:c2:7d:c8:0c:1f:6a:c3:c6:97:b6:bf:e9:03:49:
bd:1b:2a:78:db:0f:ee:c1:17:58:bb:de:c5:19:4e:
86:b8:1e:dd:29:6a:cc:c4:c7:0e:26:95:2e:0c:c9:
c0:5a:fb:f7:95:66:7c:bb:42:fa:a8:0c:04:9a:be:
39:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:4F:79:65:2F:9B:77:F0:E8:FC:C6:E8:3B:02:A6:B6:39:86:63:27
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/kk95ZS-bd_Do_MboOwKmtjmGYyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.0.0/22
91.108.24.0-91.108.33.255
91.108.52.0/24
94.124.176.0/22
95.140.92.0/24
95.140.94.0/24
95.161.0.0/18
95.161.88.0/22
95.161.95.0-95.161.97.255
95.161.102.0-95.161.105.255
95.161.124.0/23
95.161.127.0/24
95.161.240.0/20
185.51.60.0/22
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
26:61:eb:c9:66:64:bc:31:39:d0:6c:cf:6e:2a:c8:05:b4:6d:
fa:95:f6:58:93:39:93:b9:b4:1f:76:67:bb:62:a0:f5:cd:94:
2c:4f:92:e5:08:6d:4d:d1:f6:66:3f:45:b4:f2:c2:5d:a7:3c:
6c:6f:1d:37:89:ff:9c:ce:bd:1a:be:12:87:af:3d:dd:77:16:
8b:45:55:c9:11:52:0a:42:98:d6:79:e9:86:3b:74:15:c0:8f:
40:8a:5c:00:3b:d5:9a:41:33:0b:dd:22:f3:41:ff:6f:e5:58:
ca:ab:90:12:0a:e9:d7:1e:54:9c:7c:1e:d3:3c:8d:76:db:12:
5c:87:30:56:0b:08:87:d8:68:f9:3c:be:3d:45:ec:91:70:14:
f4:5c:bd:59:b3:fb:8c:b6:a5:12:d8:86:7d:b2:7c:43:99:64:
31:0b:7a:3d:0e:e1:bc:85:90:df:64:c4:07:e5:fb:15:86:87:
69:03:35:a7:8f:f4:f6:30:f5:1f:88:21:33:4b:cd:19:bd:6d:
2f:0f:14:41:9d:cd:6b:c5:51:2e:10:24:5f:17:b4:ac:a6:4b:
3e:4f:dc:50:e8:67:2d:0b:3a:fc:3b:85:d2:54:46:c5:b0:f5:
5d:42:b2:a7:41:6e:36:20:16:d3:6d:05:b4:d7:a8:b1:38:a5:
c6:c6:17:08
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZXxymzq/fUR4z+OIYGwtn/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjUwNDAxMTQzODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjRmNzk2NTJmOWI3N2YwZThmY2M2ZTgzYjAyYTZiNjM5ODY2MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaiIZGEw5MGSTbgHRKKY/84ObYzC
q+xRVBBPzBj0S1H4TgthIIo4WgOgYoq1A14MezAtHnBdBMqLf2Mxszv6ZtLl3qLN
wv9bgZQYkUSwO9nouOyvIeGHphvHxmccQrS4mabwJab9Bdnjg9e48Pnm8OjLfkyF
8pVMjLxe1veoQ3ln44GVFGydL+RHouoSI4mzHzpnGHa/mCPONJJwEVC4xNqecYEc
PZAQoHohU2q7sH1/mA4wsEHHntE9F0BvfRIQPWikwn3IDB9qw8aXtr/pA0m9Gyp4
2w/uwRdYu97FGU6GuB7dKWrMxMcOJpUuDMnAWvv3lWZ8u0L6qAwEmr45KQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFJJPeWUvm3fw6PzG6DsCprY5hmMnMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEva2s5NVpTLWJkX0RvX01ib093S210am1HWXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCW2wA
MAwDBANbbBgDBAFbbCADBABbbDQDBAJefLADBABfjFwDBABfjF4DBAZfoQADBAJf
oVgwDAMEAF+hXwMEAV+hYDAMAwQBX6FmAwQBX6FoAwQBX6F8AwQAX6F/AwQEX6Hw
AwQCuTM8MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEBCwUAA4IBAQAmYevJZmS8
MTnQbM9uKsgFtG36lfZYkzmTubQfdme7YqD1zZQsT5LlCG1N0fZmP0W08sJdpzxs
bx03if+czr0avhKHrz3ddxaLRVXJEVIKQpjWeemGO3QVwI9AilwAO9WaQTML3SLz
Qf9v5VjKq5ASCunXHlScfB7TPI122xJchzBWCwiH2Gj5PL49ReyRcBT0XL1Zs/uM
tqUS2IZ9snxDmWQxC3o9DuG8hZDfZMQH5fsVhodpAzWnj/T2MPUfiCEzS80ZvW0v
DxRBnc1rxVEuECRfF7Sspks+T9xQ6GctCzr8O4XSVEbFsPVdQrKnQW42IBbTbQW0
16ixOKXGxhcI
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:27:25 2025 by rpki-client